Merge branch 'allow-to-disable-ci' into 'master'

Allow to disable GitLab CI Added simple config option to disable GitLab CI It makes all CI related requests to return 404 /cc @dzaporozhets @jacobvosmaer @vsizov See merge request !1340

Merge branch 'allow-to-disable-ci' into 'master'
Allow to disable GitLab CI Added simple config option to disable GitLab CI It makes all CI related requests to return 404 /cc @dzaporozhets @jacobvosmaer @vsizov See merge request !1340
8b05abe8 · Dmitriy Zaporozhets · 1eb3dde4 · 97fa9904 · 8b05abe8 · 8b05abe8
Commit 8b05abe8 authored Sep 18, 2015 by Dmitriy Zaporozhets
14 changed files
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -56,6 +56,7 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
      :restricted_signup_domains_raw,
      :version_check_enabled,
      :user_oauth_applications,
+      :ci_enabled,
      restricted_visibility_levels: [],
      import_sources: []
    )

--- a/app/controllers/ci/application_controller.rb
+++ b/app/controllers/ci/application_controller.rb
 module Ci
  class ApplicationController < ::ApplicationController
+    before_action :check_enable_flag!
    def self.railtie_helpers_paths
      "app/helpers/ci"
    end
@@ -8,6 +10,13 @@ module Ci
    private
+    def check_enable_flag!
+      unless current_application_settings.ci_enabled
+        redirect_to(disabled_ci_projects_path)
+        return
+      end
+    end
    def authenticate_public_page!
      unless project.public
        authenticate_user!

--- a/app/controllers/ci/projects_controller.rb
+++ b/app/controllers/ci/projects_controller.rb
@@ -5,13 +5,17 @@ module Ci
    before_action :authenticate_user!, except: [:build, :badge, :index, :show]
    before_action :authenticate_public_page!, only: :show
    before_action :project, only: [:build, :integration, :show, :badge, :edit, :update, :destroy, :toggle_shared_runners, :dumped_yaml]
-    before_action :authorize_access_project!, except: [:build, :badge, :index, :show, :new, :create]
+    before_action :authorize_access_project!, except: [:build, :badge, :index, :show, :new, :create, :disabled]
    before_action :authorize_manage_project!, only: [:edit, :integration, :update, :destroy, :toggle_shared_runners, :dumped_yaml]
    before_action :authenticate_token!, only: [:build]
    before_action :no_cache, only: [:badge]
+    skip_before_action :check_enable_flag!, only: [:disabled]
    protect_from_forgery except: :build
-    layout 'ci/project', except: :index
+    layout 'ci/project', except: [:index, :disabled]
+    def disabled
+    end
    def index
      @limit, @offset = (params[:limit] || PROJECTS_BATCH).to_i, (params[:offset] || 0).to_i

--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -83,7 +83,8 @@ class ApplicationSetting < ActiveRecord::Base
      default_project_visibility: Settings.gitlab.default_projects_features['visibility_level'],
      default_snippet_visibility: Settings.gitlab.default_projects_features['visibility_level'],
      restricted_signup_domains: Settings.gitlab['restricted_signup_domains'],
-      import_sources: ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git']
+      import_sources: ['github','bitbucket','gitlab','gitorious','google_code','fogbugz','git'],
+      ci_enabled: Settings.gitlab_ci['enabled']
    )
  end

--- a/app/views/admin/application_settings/_form.html.haml
+++ b/app/views/admin/application_settings/_form.html.haml
@@ -124,5 +124,14 @@
        = f.text_area :help_page_text, class: 'form-control', rows: 4
        .help-block Markdown enabled
+  %fieldset
+    %legend Continuous Integration
+    .form-group
+      .col-sm-offset-2.col-sm-10
+        .checkbox
+          = f.label :ci_enabled do
+            = f.check_box :ci_enabled
+            Enable Continuous Integration
  .form-actions
    = f.submit 'Save', class: 'btn btn-primary'
--- a/app/views/ci/projects/disabled.html.haml
+++ b/app/views/ci/projects/disabled.html.haml
+Continuous Integration has been disabled. Please ask your administrator to enable it.
--- a/app/views/layouts/ci/application.html.haml
+++ b/app/views/layouts/ci/application.html.haml
@@ -2,7 +2,7 @@
 %html{ lang: "en"}
  = render 'layouts/head'
  %body{class: "ci-body #{user_application_theme}", 'data-page' => body_data_page}
-    - header_title = "CI Projects"
+    - header_title = "Continuous Integration"
    - if current_user
      = render "layouts/header/default", title: header_title
    - else

--- a/app/views/layouts/nav/_dashboard.html.haml
+++ b/app/views/layouts/nav/_dashboard.html.haml
@@ -31,7 +31,7 @@
        %span
          Merge Requests
          %span.count= current_user.assigned_merge_requests.opened.count
-  = nav_link(path: 'ci/projects#index') do
+  = nav_link(path: ['ci/projects#index', 'ci/projects#disabled']) do
    = link_to ci_projects_path, title: 'Continuous Integration', data: {placement: 'right'} do
      = icon('building fw')
      %span

--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -178,6 +178,7 @@ Settings.gitlab['import_sources'] ||= ['github','bitbucket','gitlab','gitorious'
 # CI
 #
 Settings['gitlab_ci'] ||= Settingslogic.new({})
+Settings.gitlab_ci['enabled']             = true if Settings.gitlab_ci['enabled'].nil?
 Settings.gitlab_ci['all_broken_builds']   = true if Settings.gitlab_ci['all_broken_builds'].nil?
 Settings.gitlab_ci['add_pusher']          = false if Settings.gitlab_ci['add_pusher'].nil?
 Settings.gitlab_ci['url']                 ||= Settings.send(:build_gitlab_ci_url)

--- a/config/routes.rb
+++ b/config/routes.rb
@@ -12,7 +12,7 @@ Gitlab::Application.routes.draw do
    resources :projects do
      collection do
        post :add
-        get :gitlab
+        get :disabled
      end
      member do

--- a/db/migrate/20150918084513_add_ci_enabled_to_application_settings.rb
+++ b/db/migrate/20150918084513_add_ci_enabled_to_application_settings.rb
+class AddCiEnabledToApplicationSettings < ActiveRecord::Migration
+  def change
+    add_column :application_settings, :ci_enabled, :boolean, null: false, default: true
+  end
+end
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended that you check this file into your version control system.
-ActiveRecord::Schema.define(version: 20150916145038) do
+ActiveRecord::Schema.define(version: 20150918084513) do
  # These are extensions that must be enabled in order to support this database
  enable_extension "plpgsql"
@@ -46,6 +46,7 @@ ActiveRecord::Schema.define(version: 20150916145038) do
    t.integer  "session_expire_delay",         default: 10080, null: false
    t.text     "import_sources"
    t.text     "help_page_text"
+    t.boolean  "ci_enabled",                   default: true,  null: false
  end
  create_table "audit_events", force: true do |t|

--- a/lib/ci/api/api.rb
+++ b/lib/ci/api/api.rb
@@ -23,6 +23,10 @@ module Ci
        rack_response({ 'message' => '500 Internal Server Error' }, 500)
      end
+      before do
+        check_enable_flag!
+      end
      format :json
      helpers Helpers

--- a/lib/ci/api/helpers.rb
+++ b/lib/ci/api/helpers.rb
@@ -3,6 +3,12 @@ module Ci
    module Helpers
      UPDATE_RUNNER_EVERY = 60
+      def check_enable_flag!
+        unless current_application_settings.ci_enabled
+          render_api_error!('400 (Bad request) CI is disabled', 400)
+        end
+      end
      def authenticate_runners!
        forbidden! unless params[:token] == GitlabCi::REGISTRATION_TOKEN
      end